Description
A padding oracle vulnerability exists in Google Chrome's AppBound cookie encryption mechanism due to observable decryption-failure behavior in Windows Event Logs when malformed ciphertext (SYSTEM-DPAPI-encrypted blobs) is handled. A local attacker can repeatedly send ciphertexts to the Chrome elevation service and distinguish between padding errors and MAC errors, enabling a padding oracle attack. This allows partial decryption of the SYSTEM-DPAPI layer and eventual recovery of the user-DPAPI-encrypted key, which is trivially decrypted in the attacker's own user context. The issue undermines the core purpose of AppBound Encryption, which is to prevent low-privileged cookie theft, through cryptographic misuse and verbose error feedback.
Confirmed with AppBound encryption enabled. Other Chromium-based browsers may be affected if they implement similar COM-based mechanisms.
This arises from a combination of Chrome's implementation and the way Microsoft DPAPI reports failures via Windows Event Logs. As such, it relies on event log visibility on all supported versions of Windows.
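The root cause described above is structural: the decryptor reports a padding failure and a MAC failure as two distinguishable outcomes, so a caller who can submit arbitrary blobs learns one bit per attempt. The following added example (not code from the advisory, Chrome, or DPAPI) contrasts that design with the hardened one, using a constructed SHA-256 counter-mode keystream as a stand-in for a real cipher and HMAC-SHA256 as the MAC. `failure_codes` is a diagnostic that tampers with every ciphertext byte and collects the distinct failure results the decryptor returns: a design that yields more than one code is an oracle.

```python
"""Distinguishable decryption failures versus a single uniform failure.
Toy code: the XOR keystream below is a constructed stand-in for a cipher
and must not be used for anything but this demonstration."""
import hashlib
import hmac
import secrets

BLOCK = 16
TAG_LEN = 32


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - (len(data) % BLOCK)
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes) -> bytes:
    # Raises ValueError on malformed padding; a leaky design exposes
    # this exception as a failure mode distinct from a MAC mismatch.
    if not data or len(data) % BLOCK:
        raise ValueError("bad length")
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    # Constructed stand-in for a cipher: SHA-256 in counter mode.
    out = b""
    ctr = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- Leaky design: MAC-then-encrypt, padding checked first, two error codes ---
def leaky_encrypt(enc_key, mac_key, plaintext, iv=None):
    iv = iv or secrets.token_bytes(BLOCK)
    tag = hmac.new(mac_key, plaintext, hashlib.sha256).digest()
    padded = pkcs7_pad(plaintext + tag)
    return iv + _xor(padded, _keystream(enc_key, iv, len(padded)))


def leaky_decrypt(enc_key, mac_key, blob):
    iv, ct = blob[:BLOCK], blob[BLOCK:]
    padded = _xor(ct, _keystream(enc_key, iv, len(ct)))
    try:
        body = pkcs7_unpad(padded)
    except ValueError:
        return ("padding_error", None)   # distinguishable failure 1
    msg, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, msg, hashlib.sha256).digest()):
        return ("mac_error", None)       # distinguishable failure 2
    return ("ok", msg)


# --- Hardened design: encrypt-then-MAC, tag verified before any parsing ---
def hardened_encrypt(enc_key, mac_key, plaintext, iv=None):
    iv = iv or secrets.token_bytes(BLOCK)
    padded = pkcs7_pad(plaintext)
    ct = _xor(padded, _keystream(enc_key, iv, len(padded)))
    tag = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return iv + ct + tag


def hardened_decrypt(enc_key, mac_key, blob):
    if len(blob) < BLOCK + TAG_LEN:
        return ("decrypt_failed", None)
    iv, ct, tag = blob[:BLOCK], blob[BLOCK:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return ("decrypt_failed", None)  # nothing about the plaintext is examined
    try:
        return ("ok", pkcs7_unpad(_xor(ct, _keystream(enc_key, iv, len(ct)))))
    except ValueError:
        return ("decrypt_failed", None)  # unreachable for authentic data; same code anyway


def failure_codes(encrypt, decrypt, enc_key, mac_key, plaintext):
    """Flip every ciphertext byte in turn (IV excluded) and return the set of
    distinct failure codes reported. More than one code means the decryptor
    leaks structure to whoever can submit blobs."""
    blob = encrypt(enc_key, mac_key, plaintext)
    codes = set()
    for i in range(BLOCK, len(blob)):
        tampered = bytearray(blob)
        tampered[i] ^= 0xFF
        codes.add(decrypt(enc_key, mac_key, bytes(tampered))[0])
    return codes


if __name__ == "__main__":
    k, m = b"k" * 16, b"m" * 32   # constructed demo keys
    print("leaky:   ", failure_codes(leaky_encrypt, leaky_decrypt, k, m, b"hello"))
    print("hardened:", failure_codes(hardened_encrypt, hardened_decrypt, k, m, b"hello"))
```

The hardened variant fixes two things at once: the tag covers the ciphertext and is checked before any decryption or unpadding, and every failure collapses to one result. Logging each failure cause separately (which is what the Event Log behavior above amounts to) reintroduces the oracle even if the return value is uniform, so the same single-outcome rule applies to diagnostics that an unprivileged caller can read.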
https://vulncheck.com/advisories/google-chrome-appbound-cookie-encryption
https://www.cyberark.com/resources/threat-research-blog/c4-bomb-blowing-up-chromes-appbound-cookie-encryption